Jamshid Karimi created BIT-1548: ----------------------------------- Summary: SendMail parameter is missing from broctl.cfg file in Debian binary installation Key: BIT-1548 URL: https://bro-tracker.atlassian.net/browse/BIT-1548 Project: Bro Issue Tracker Issue Type: Improvement Components: Bro Affects Versions: 2.4 Environment: Date tested: 2016-03-05 Operating system: Debian 8.2 Repository: Open Build System Packages: bro 2.4.1-0 bro-core 2.4.1-0 broctl 2.4.1-0 libbroccoli 2.4.1-0 Reporter: Jamshid Karimi
The Debian binary packages from Open Build Service have sendmail binary location set to SENDMAIL-NOTFOUND by default but provide no SendMail parameter in broctl.cfg to set the correct location. This means, out of the box, Bro does not send any summary connection reports to the configured email recipient. For a recent binary installation, I had to manually add the following line to broctl.cfg file to resolve the issue: SendMail = /usr/sbin/sendmail Here is the output of broctl config right after installation: Hint: Run the broctl "deploy" command to get started. bindir = /opt/bro/bin broargs = brobase = /opt/bro broctlconfigdir = /opt/bro/spool broport = 47760 broscriptdir = /opt/bro/share/bro capstatspath = /opt/bro/bin/capstats cfgdir = /opt/bro/etc cflowaddress = cflowpassword = cflowuser = commandtimeout = 60 commtimeout = 10 compresscmd = gzip -9 compressextension = gz compresslogs = 1 cron = 0 croncmd = debug = 0 debuglog = /opt/bro/spool/debug.log env_vars = havenfs = 0 helperdir = /opt/bro/share/broctl/scripts/helpers ipv6comm = 1 keeplogs = libdir = /opt/bro/lib libdirinternal = /opt/bro/lib/broctl localnetscfg = /opt/bro/etc/networks.cfg lockfile = /opt/bro/spool/lock logdir = /opt/bro/logs logexpireinterval = 0 logrotationinterval = 3600 mailalarmsinterval = 86400 mailalarmsto = root@localhost mailconnectionsummary = 1 mailfrom = Big Brother <bro@REMOVED_IP_ADDRESS> mailhostupdown = 1 mailreplyto = mailsubjectprefix = [Bro] mailto = root@localhost makearchivename = /opt/bro/share/broctl/scripts/make-archive-name memlimit = unlimited mindiskspace = 5 nodecfg = /opt/bro/etc/node.cfg os = linux pfringclusterid = 0 pfringclustertype = 4-tuple pfringfirstappinstance = 0 pin_command = taskset -c plugindir = /opt/bro/lib/broctl/plugins policydir = /opt/bro/share/bro policydirsiteinstall = /opt/bro/spool/installed-scripts-do-not-touch/site policydirsiteinstallauto = /opt/bro/spool/installed-scripts-do-not-touch/auto postprocdir = /opt/bro/share/broctl/scripts/postprocessors prefixes = local savetraces = 0 scriptsdir = /opt/bro/share/broctl/scripts sendmail = SENDMAIL-NOTFOUND sigint = 0 sitepluginpath = sitepolicymanager = local-manager.bro sitepolicypath = /opt/bro/share/bro/site sitepolicystandalone = local.bro sitepolicyworker = local-worker.bro spooldir = /opt/bro/spool standalone = 1 statefile = /opt/bro/spool/state.db staticdir = /opt/bro/share/broctl statsdir = /opt/bro/logs/stats statslog = /opt/bro/spool/stats.log statslogenable = 1 statslogexpireinterval = 0 statuscmdshowall = 1 stoptimeout = 60 test.enabled = 0 test.foo = 1 time = timefmt = %d %b %H:%M:%S timemachinehost = timemachineport = 47757/tcp tmpdir = /opt/bro/spool/tmp tmpexecdir = /opt/bro/spool/tmp tracesummary = /opt/bro/bin/trace-summary version = 1.4 zoneid = -- This message was sent by Atlassian JIRA (v7.2.0-OD-03-010#72000) _______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev